MicrosoftSecurityIncidentCreationAlertRule interface

Package:

@azure/arm-securityinsight

Represents MicrosoftSecurityIncidentCreation rule.

Extends

AlertRule

Properties

alertRuleTemplateName	The Name of the alert rule template used to create this rule.
description	The description of the alert rule.
displayName	The display name for alerts created by this alert rule.
displayNamesExcludeFilter	the alerts' displayNames on which the cases will not be generated
displayNamesFilter	the alerts' displayNames on which the cases will be generated
enabled	Determines whether this alert rule is enabled or disabled.
kind	Polymorphic discriminator, which specifies the different types this object can be
lastModifiedUtc	The last time that this alert has been modified. NOTE: This property will not be serialized. It can only be populated by the server.
productFilter	The alerts' productName on which the cases will be generated
severitiesFilter	the alerts' severities on which the cases will be generated

Inherited Properties

etag	Etag of the azure resource
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.
name	The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.
type	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

Property Details

alertRuleTemplateName

The Name of the alert rule template used to create this rule.

alertRuleTemplateName?: string

Property Value

string

description

The description of the alert rule.

description?: string

Property Value

string

displayName

The display name for alerts created by this alert rule.

displayName?: string

Property Value

string

displayNamesExcludeFilter

the alerts' displayNames on which the cases will not be generated

displayNamesExcludeFilter?: string[]

Property Value

string[]

displayNamesFilter

the alerts' displayNames on which the cases will be generated

displayNamesFilter?: string[]

Property Value

string[]

enabled

Determines whether this alert rule is enabled or disabled.

enabled?: boolean

Property Value

boolean

kind

Polymorphic discriminator, which specifies the different types this object can be

kind: "MicrosoftSecurityIncidentCreation"

Property Value

"MicrosoftSecurityIncidentCreation"

lastModifiedUtc

The last time that this alert has been modified. NOTE: This property will not be serialized. It can only be populated by the server.

lastModifiedUtc?: Date

Property Value

Date

productFilter

The alerts' productName on which the cases will be generated

productFilter?: string

Property Value

string

severitiesFilter

the alerts' severities on which the cases will be generated

severitiesFilter?: string[]

Property Value

string[]

Inherited Property Details

etag

Etag of the azure resource

etag?: string

Property Value

string

Inherited From AlertRule.etag

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.

id?: string

Property Value

string

Inherited From AlertRule.id

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

name?: string

Property Value

string

Inherited From AlertRule.name

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

systemData?: SystemData

Property Value

SystemData

Inherited From AlertRule.systemData

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

type?: string

Property Value

string

Inherited From AlertRule.type